Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

MrMetlHed writes "A portion of this Reuters article about the Pentagon's inability to manage paying soldiers properly mentions that their payroll program has 'seven million lines of Cobol code that hasn't been updated.' It goes on to mention that the documentation has been lost, and no one really knows how to update it well. In trying to replace the program, the Pentagon spent a billion dollars and wasn't successful."

We did flowcharts in Basic and Fortran, but COBOL was IPO charts (Input, Process, Output) and module diagrams for us; oh we did psudeocode of the modules, psuedocoding COBOL is really tough because cobol is so wordy.

Have you seen Cobol? It takes several hundred lines to write a "Hello World" program. 7 million lines of Cobol can probably be replaced by 70 lines of Perl (at the expense of any possibility of anyone ever reading it).

I'm no fan of COBOL (and enjoyed Dijkstra's criticism), but its main flaws are not to do with being verbose. "Hello World" is longer than it would be in most languages, though a lot of that is just overhead; in general the line count in COBOL is not massively bigger than in other languages. Of course, the syntax in each line can be a mouthful, with an excessive use of keywords obscuring the structure, but in coding business logic this is not always a disadvantage (business logic is often convoluted anyway,

Have you seen Cobol? It takes several hundred lines to write a "Hello World" program. 7 million lines of Cobol can probably be replaced by 70 lines of Perl (at the expense of any possibility of anyone ever reading it).

The claim that the documentation "vanished" seems bogus. Far more likely in my opinion that it never existed in the first place, or that at some point they fired everyone, and thus broke the chain of custody.

Normal staff turnover in the military is 2 years on an assignment. People come in knowing next to nothing, spend two years learning 80% of what the previous incument knew and then move on. It doesn't take many cycles of that before all useful knowledge is lost.

I will say that I was pleased to discover that my old software (my very first program, written with one of my NCO's - and it's not clear from the comment, but that wasn't anywhere close to my job...it just happened for convenience) was still being used more than 10 years after the fact, although I do admit that I was a bit dismayed as well...in retrospect it wasn't all that impressive:p

Eh...there probably was some half baked documentation at some point, but I doubt it was maintained very well by the people who edited that codebase over the decades.

I also doubt they fired any of them unless they were contractors...you have no idea how ugly the federal workers union is about things like this. They almost can't lose their jobs through incompetence or anything else. Which brings me to the problem...the people who wrote it probably wrote half-assed spaghetti code, didn't document it well, and then died off or retired. No one is learning cobol anymore, so you get what we've got right here.

Plus...trying to replace any system in the government or military is an extremely painful exercise that probably fails more often than it succeeds. Between the people you need to deal with, and the policies you need to dance around...it's almost impossible to stand a new system up. (Unless you have someone in a high place that really gets it, and champions the hell out of it...and even then, it's iffy.)

I was a defense contractor for 4 or 5 years. It was quite a few years ago now. Left that behind, and I don't miss it.

Yes, there was and there is. It's called "source code." One of the reasons that COBOL is such a verbose language is that it was designed so that bean counters with no programming experience could audit the source code and understand it well enough to make sure that nobody was stealing anything. Not only that, it's rare that COBOL code actually needs any comments because the variable names are long enough that you shouldn't ever have to guess what any of them are used for or what's being done with/to them.

As far as spaghetti code goes, that can be a problem, especially in very old code, from before such things as structured programming were conceived. And, there's even a statement, "ALTER," which allows you to create self-modifying code, although even back in the '80s when I learned it in school, we were warned never to use it.

While it's true that COBOL is meant to be self documenting, there is, in a 7 million line project, a difference between understanding any particular section of code and being able to comprehend the entire structure of the project. If that structure is undocumented, you will have a lot of reading before you grasp the program globally. Apparently the "failures" that were being experienced were not leading the maintainers to the appropriate sections of code and such a global understanding had become necessary.

I know it breaks one of the cardinal rules of software development, but if you have a cool billion to throw at the problem and the existing mess cannot be fathomed, perhaps starting afresh is an idea...

Yes, except that you'd have a period at the end, not a semicolon. (This is why statements in COBOL are referred to as "sentences.") However, if you did try something like that in a shop where the bean counters were auditing your code, they'd probably reject it for lack of clarity and insist that you gave that variable a more meaningful name. If you really want to, you can obfuscate code written in any language, but it's probably harder to get away with in COBOL than in most other languages.

There are very few non-programmers who can follow most source code and have the slightest idea of what's going on. In many cases, such as Perl, it's often not enough to be a programmer, you need to understand the specific language. COBOL is the only computer language I know of that can be followed by somebody with no programming experience at all.

Eh...there probably was some half baked documentation at some point, but I doubt it was maintained very well

That may well be because any decent COBOL programmer knows (or knew) that the code itself is indeed self-documenting. COBOL code may be tedious to write (actually, it certainly is) but it has the advantage of being quite easily maintained.

So, no excuses. It's more likely the US Govt is too cheap to hire anyone with the appropriate skills. It's also quite possible that an age bias has been applied by their HR bozos, thus excluding that generation most likely to be good at this work.

Ahhhhh...no. COBOL has a GOTO. Legacy COBOL has a tendency to use the GOTO a lot. In legacy COBOL, all the variables are global (although you did at least have to declare them all). These things do not make for easily maintained code.

Far more likely in my opinion that it never existed in the first place, or that at some point they fired everyone, and thus broke the chain of custody.

Being the spouse of some one who works for a Gov. entity (her) AND being in IT (me), its far more likely that the the engineers who created the system(s) have long since retired. Fed workers rarely get 'fired'. And interestingly its more likely that the system was documented to a much higher degree than you would think; there are entire fed. departments devoted to documenting things and creating requirements documents. The problem is once the process is documented and archived, those same sad COBOL systems are used to process the records that describe the location of the documentation

The claim that the documentation "vanished" seems bogus. Far more likely in my opinion that it never existed in the first place, or that at some point they fired everyone, and thus broke the chain of custody.

I think the truth is probably much simpler than that. Someone dropped the card deck containing the documentation, and they never managed to sort it back into the right order.

"The claim that the documentation "vanished" seems bogus. Far more likely in my opinion that it never existed in the first place, or that at some point they fired everyone, and thus broke the chain of custody."

I agree with the latter, but that still means the documentation did "vanish". It just doesn't address why.

I think the money would have been better spent simply replacing the Pentagon and all its staff. The new one can be 5-sided, too. But they should build it in Montana and staff it with locals. It's cheaper. They'd probably win more wars for us too.

Hughes would compartmentalize documentation on how to manufacture everything. There software had similar fragmentation in the source code. To collect all the documents would require having access to the root document which would then lead to the first level. Then would come tertiary and quaternary levels. There is NO centralized list of all the documents needed, you MUST parse every sheet of paper.

I recall one gasket for a keyboard for some aircraft system they'd installed in the mesozoic era. When Raytheon

a billion dollars to replace an antiquated program and the project fails. This is why our military is the most expensive in the world, and why I've argued for years that comparing military spending between nations is only apples to apples if each nation is competently spending what they are given.

I've seen this happen with lots of "let's replace this antiquated software" projects. There's alot of trust put into hiring someone to do this properly. Usually the people writing the check don't know enough about software architecture or requirements gathering to foresee that the contractor is going about it the wrong way and dooming the project to failure. Or administration that isn't open to the concepts that must be embraced to move from paperless to electronic, etc. So many ways for something like this to fail terribly. Only time I've seen it succeed is a combination of competent leadership of the software development combined with the administration trusting the judgement of the software developer when it advises on process changes that will need to be implemented. Rarely do you get both of these things together, and when you are missing one then it's a disaster.

I've been technical lead and technical contributor on numerous such projects, it's an absolutely core part of my work. And it is incredibly difficult in large environments, where numerous groups have evolved distinct usage and workflows and are often very resistant to change. Coupled with the amount of money being managed in this project, and the military and security requirements, such a project is well beyond the capabilities of any group I've ever met.

Added to this, people often have the misconception that just because something is "old" it is less complex than the current requirements. In reality, all that COBOL was written to perform the same function on severely limited hardware that they now want to accomplish on a simple server system -- and I bet the data and processing requirements both then and now are astronomical. The end result is that whoever is doing the new system is likely pitting themselves against whatever the brightest minds of yesteryear were able to produce, and it won't be simple. That old system had time to be fine tuned, and the protocol built up over the years is designed around the precise quirks created by the system. Thus, the entire architecture and ALL related protocol has to be re-examined prior to architecting a replacement system -- and I doubt the winning bidder was even asked to bid on that, especially in a military organization.

This reminds me of the odd undocumented workaround processes that always seem to creep into the work habits of the users of some complex systems. It is almost impossible to catch those when gathering requirements because they never formally exist.

COBOL [wikipedia.org] is a high-level language that had the first compilers in 1960 running essentially the same program on both RCA and UNIVAC computers. Usualy some changes may have to be made in the CONFIGURATION SECTION. but other than that the compiler and the Operating system takes care of it. The problems I'd imagine happening is some of it is written in pre-ANSI COBOL 68, most in ANSI COBOL 68, a fair amount in COBOL 1974 and a smattering of COBOL 1985; so a lot can depend on how strict the compiler is. I imagine e

There is no "off the shelf" product that is going to handle payments to Civil War survivors and the 160 years of federal laws passed since then for paying soldiers/survivors their wages in every war since.

At the simplest, one need know only who to pay, how much, and how often.

Well said.

Likewise, to fly a 747 one need only push and pull the stick a bit, to perform a heart transplant one need only know what to cut and what to stitch, and to cure cancer one need only know what atoms to stick together.

I think that is correct. There is also the fact that until very recently many of the major powers, and major regional powers, were still mainly using conscription to fill their armies. It makes a bit of a difference when you are paying your soldiers market rates for their labors instead of what you would pay conscripts. You also have the factor of first world cost structures versus third world costs. Last time I look at some data within the last few years, an American corporal (1 step above the highest

Apples to apples is always a good comparison, but exactly what military are you saying is more efficiently run? The US military may waste more money per year than the GDP of some small countries, but it is probably not the most proportionally wasteful military out there.

It's also important to note that as the mission of the military becomes more expansive, there is a lot more room for waste. If you're running the military of say, Luxembourg, you might be able to keep a tighter leash on it, not just becaus

I've maintained legacy payroll software (Oracle RPT, predates PL/SQL) and have been marginally involved in migrating clients to the new shiny payroll system. Generally it fails where the client wants the new system to behave exactly like the old system.

The new system usually can handle the required business rules (or it's not too much work to make this happen) but all the processes around those rules are different. eg the new system needs to generate report RW200 to lineprinter 6, daily at 6PM and must be formatted just so (no one reads the first 1000 pages, but the summary page is critical to some obscure business process.)

So, the new system has to print unformatted ASCII to a serial line printer, in an obscure way, on nonstandard paper, that's hard to replicate in a modern report writer. Never mind the already written, laser printed, on-demand reports (or emailed, or exported to excel or whatever) have the same information - it's NOT THE SAME - our users will be confused so it MUST BE CHANGED!.

Rinse and repeat for basically everything else in your system and you've heavily modified your new system to behave just like your old payroll system (and killed any performance improvements, worked out all the bugs etc again). because it's so heavily modified you're basically on a unique version of the new system that only certain programmers really understand. Ant they're going to retire / leave because the project was so shit to work on.

Add the usual government oversight/waste and you've blown a billion dollars. (that's impressive though, I have to say.)

You totally get it. It takes strong leadership to tell the business units that they must conform their procedures to the new system and it will be installed as is. That is the way to succeed. Then once it's in you can start opening it up.

This is less of a "government efficiency" issue than it is a "contracting" issue.

Imagine you have a gigantic system like this that you need to replace. So you want to hire someone to build the replacement. You can't just go give $1B to company X and say "I'll see you in five years when you've built me a new pay system" - the taxpayers (and their representatives) would never go for that. Instead, you first go build a set of requirements that such a system must meet and then you award the contract to build the system to the company that convinces you that (a) they'll build the system that best meets those requirements and (b) they'll do so in a cost-competitive way (if not cheapest, then close to cheapest).

Therein lies the crux of the problem - building large complex software systems over multiple years "to spec". In short, it can't really be done:

1. You won't get the requirements right. At best, if you spend a ton of money, you'll get a decent set of requirements, for some narrow segment of your user base, that is appropriate for the state of the world at contract award. But they'll be woefully out of date by the time the system is actually built. More often, you won't pay enough money and you'll get an RFP that is 50%+ "cut and paste" from previous RFPs, and has only a passing resemblance to what is really needed.

2. Managing a multi-year software development project is tough enough when you're the one building it. It is many times more difficult to try and look over a contractor's shoulder and make sure that they are (a) meeting requirements, (b) meeting schedule, and (c) not wasting (or stealing) money. This is even more difficult when you have thousands of crappy nonsensical or ambiguous requirements (the norm for such large systems).

3. Even if you get decent requirements and decent/lucky contract management, you still have huge product and engineering hurdles that don't often show themselves until you get the software in the hands of real users. And (more often as not) find out that it doesn't work for them.

I've only ever seen one model work successfully (in my time in the USAF and as a contractor):

1. Put organic (e.g., military or civil service, not contractor) resources in charge of the system development.

2. Don't try to spec and build the system as a whole unit. Instead, start with something small and easily defined and then work *directly* with end users to evolve and enhance the system over multiple years. At some point in the evolution of the system (neither the beginning nor the end), you make the call that the system is functional and stable enough to deploy.

3. Use contractors as labor, project-managed by your organic resources. This tends to mean fairly integrated teams (organic and contractor) and a different sort of contract vehicle. It also means that swapping contractors out is actually feasible and doesn't cause the failure of the entire project.

The above system works beautifully. And Congress, contractors, and contracting agencies within the military hate it. Which is probably why it isn't done more often.

I think your understanding is flawed. They already have competing priorities and don't get enough money to fund them all. In comparing the US and China, remember that the US pays everybody a lot more than China does. An American corporal is paid about as much as what a Chinese is paid. You may also want to keep in mind that defense spending as a portion of GDP has fallen from about 38% of GDP in 1945 to about 4-5% today. Spending for social welfare programs is about 2x what is spent on defense.

Comparing the world-beating Nazi military & engineering structure to some guys in caves who arguably aren't even an actual organization is lunacy.

But fine, let's use your "real war" coffins as a metric. U.S. military deaths in WWII: 416,800. U.S. military deaths in Iraq & Afghanistan combined: 4,409+2,200 = 6,609 (source: Wikipedia). Using the military GDP numbers from upthread, we have GDP-Percent-Per-Coffin values:

The true indecency was the attacks against innocent people by al Qaida - they killed and wounded thousands of people before the US became truly committed to fighting them. There is no shame in calling the war what it is. It isn't a witch hunt. There have been hundreds of arrests and convictions for terrorism related offenses in the US. There have been thousands and thousands of terrorists killed or captured abroad. The reason the day to day threat to American lives appears to be low is due to the effec

You are quoting the heritage foundation, which has a specific agenda. If you don't know what it is then that is your problem.

How about I quote the war resisters league, where they claim 47% [warresisters.org] of the government spending is military related.

The difference between the two numbers is, what one considers military spending, and what considers government spending in general. For example, is the NSA's gigantic surveillance military spending (it is after all part of the "defense department")? How about the pension pr

The government doesn't create the GDP, but it does tax economic activity reflected in the GDP and various types of wealth. The government uses taxes to get the money it spends. The tax burden imposed by the government on the economy may be represented as a percentage of the GDP. Maybe you've seen some faulty discussions of the issue in the past, but it is a fairly common way of describing the burden of government and taxes on an economy, and on society. That isn't a claim that the government creates the

I do data processing from rubbish sources (people who can't follow specs) every day.

Its a pain yes but not actually that difficult. Everything you just described takes time but it certainly isn't impossible to do.Import data, find differences, fix mistake and repeat until it is working well.

They should optimize their process and then rewrite their software to match it, using modern languages with proper decoupling of all the various calculations. Replacing the old system will only be difficult if they base it on the existing software, which is most likely the usual tangles mess of poorly written COBOL. The sad part is that defining the full requirements is actually pretty difficult in itself.

There is basic pay, plus “entitlements” for everything from serving in a combat zone to housing allowances to re-enlistment bonuses.

Was it that different in WWII? I don't know the details, but there were definitely things like combat pay. Yet they handled it all with paper (and maybe some punch card machines). As the old line goes "to err is human, but to really screw things up requires a computer".

The used 100 to 1000 times as many people. Working in un-air conditioned building doing routine work over and over. Then it was all double and triple checked. When they screwed up, you could yell at them. There is no way we could afford to recreate that system with today's pay scales. Also, these were sharp people. No one like that would even apply for the job. Welcome to the post industrial society.

My dad was in charge of Payroll at Ft. Hood during the late 1960's while he was drafted. (he was a private with BA in Accounting and ran the department because the LT screwed up the Col's pay one too many times). They figured pay vouchers a lot by hand, but processed even back then via a Mainframe, usually at night. Then they would dispense the pay in cash those days. It was a nightmare even back then, often times requiring a lot of manual calculations.

Not true. Payroll software is amazingly complicated. And every year all the laws change so that you have to update it. It's constantly in flux. Federal, state, county, and sometimes even city laws to cover all the employees you have, plus of course foreign laws if you want to incorporate that into a single payroll department. That's why most places outsource this stuff. It's a huge expense to do it yourself and economies of scale make sense to have entire companies devoted to just that one job.

The big problem with C11 is that is it no longer "backwards"-compatible with C++, so many will ignore it. For a large number of people "C" is going to remain defined as "the subset of C++ that I can get a C-only compiler to compile".

The code base is so large that its ~4.8 lines per active duty US military person. The code would be shorter if it was nothing but one line per person that prints how much to pay. You might argue that this would have maintenance issues, but automated porting of it would be trivial, and for the $billion they spent try to replace it, you could pay almost $1000 per print statement to keep it updated.

The DoD is well known for changing the specs of a project constantly through out the life time of a program so I'm not surprised the update in the 90s failed it probably had 5,000+ changes from it's initial concept and then you add in the required corruption and incompetence needed to be a government employee or contractor and it makes perfect sense it failed.

You are correct. And wrong. According to the Reuters article, there were more than 15,000 requirements changes during the lifetime of the project. So you had precisely the right idea. You just underestimated the ability of a bureaucracy to fight back. By an order of magnitude.

And that's what it was, too. Make no mistake, the project failed because a successful software system would reduce the headcount of the DFAS dramatically. That couldn't be allowed to happen, so it was sabotaged by eternal feature creep.

And of course, they started with PeopleSoft, and there's no organization better at absorbing all available money for no return besides the DOD itself. Talk about a match made in hell...

I wonder if part of the problem is that this is overly centralized. Someone above mentioned how they did this all with paper in WWII. I can't imagine the pay for millions of service personnel being calculated by an army of clerks based in Indianapolis. The actual calculations must have been more distributed, with perhaps pay records following a soldier along with his other records.

Decentralizing it should make the bureaucracy more flexible too. Especially in hardship cases like the one described in the stor

Regardless of your political leanings this is a job that the private sector could handle way way better. It is super hard to create a good software shop...let alone being the military.

We use paycor and we have good to great IT in general. We could program a pay app, but why the hell would we? Is pay schedule really that complicated....if it is why not simplify it...a great opportunity for reform.

Cobol is based on the notion of processing what are essentially formatted text files, one line at a time. If you knew the format of a file to be read by a Cobol program, you could re-write it in awk and use about 1/50th the amount of code.

Of course what really needs to be done is to document the actual process and system requirements, and then just put up a modern payroll processing system. The biggest problem is that there are a lot of people whose job it is to take a piece of paper from one bin and put it in another. All of those jobs would be put at risk were you to actually do something substantive about this problem. They're far more concerned with their jobs than actually getting anything done.

The biggest problem is that there are a lot of people whose job it is to take a piece of paper from one bin and put it in another. All of those jobs would be put at risk were you to actually do something substantive about this problem. They're far more concerned with their jobs than actually getting anything done.

No, the problem is you don't understand the problem domain and thus just repeat platitudes on the assumption that doing so makes you look wise. This system has been in place for years, all the old

They did! That billion dollars wasn't to rewrite it -- that was just to buy and integrate a PeopleSoft package! Supposedly, PeopleSoft is good at that kind of thing, since that's what they sell to other big companies too stupid to write and maintain a simple payroll system.

They don't need to try integrating to someone else's package again, unless they want to shovel another billion dollars into some other undeserving contractor's hands.